CVE-2025-1857
Published: 03 March 2025
Summary
CVE-2025-1857 is a high-severity Injection (CWE-74) vulnerability in Phpgurukul Nipah Virus Testing Management System. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 41.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents SQL injection by validating the employeeid parameter in /check_availability.php against malicious input.
Remediates the specific SQL injection flaw in CVE-2025-1857 through timely patching and testing of the vulnerable PHPGurukul application.
Identifies the SQL injection vulnerability via regular scanning of the web application for known flaws like those in /check_availability.php.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The unauthenticated SQL injection vulnerability in the public-facing /check_availability.php endpoint enables exploitation of a public-facing application (T1190) and unauthorized collection of data from databases (T1213.006).
NVD Description
A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /check_availability.php. The manipulation of the argument employeeid leads to sql injection. It is possible to initiate…
more
the attack remotely. The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-1857 is a critical SQL injection vulnerability (CWE-74, CWE-89) in PHPGurukul Nipah Virus Testing Management System 1.0. The flaw affects an unknown functionality within the file /check_availability.php, where manipulation of the employeeid argument enables SQL code injection. It carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and was published on 2025-03-03.
The vulnerability is remotely exploitable by unauthenticated attackers over the network with low complexity and no user interaction required. Successful exploitation can result in limited impacts to confidentiality, integrity, and availability, such as unauthorized data access, modification, or denial of service depending on the database backend.
Advisories and additional details are available in references including https://github.com/panghuanjie/Code-audits/issues/1, https://vuldb.com/?ctiid.298125, https://vuldb.com/?id.298125, https://vuldb.com/?submit.506120, and https://phpgurukul.com/. A public exploit has been disclosed and may be in use.
The exploit disclosure heightens the risk for exposed instances of this management system.
Details
- CWE(s)